(57) Abstract

A method for managing a global copy protection system for home networks is provided.
Particularly, the defined method protects copyrighted digital content from
unauthorized copying as it is transmitted across digital interfaces, provides a
practical way of creating legitimate copies of broadcast and prerecorded content, and
prevents illegitimate copies from being viewed.

A COPY PROTECTION SYSTEM FOR HOME NETWORKS 

Field of the Invention 

This invention concerns a system that may be used to manage access to a copy of a
scrambled digital stream, such as a program or event. The scrambled digital stream is
not descrambled until it is determined that the copy of the program is legitimate.

Background of the Invention

Today's NTSC televisions receive broadcast services from a variety of service
providers. Some television receivers are capable of receiving unscrambled information
or programs from broadcast, satellite and cable networks. Traditionally, cable
networks or digital satellite systems providing scrambled or encrypted programs
usually require a separate stand-alone device (e.g., a set-top box) to descramble or
decrypt the program. These set-top boxes may utilize a removable smart card which
contains the necessary decrypting algorithms and keys.

In the near future, digital televisions (DTVs) and digital set-top boxes (STBs) will
be capable of receiving digital broadcast, cable and satellite services; therefore,
the protection of digital video and audio content has become one of the major issues
for the Information Technology (IT), Consumer Electronics (CE) and Motion Picture (MP)
industries. Analog services can be protected reasonably well using a signal distortion
mechanism. As a similar solution is not possible for digital content, a new approach
for delivering digital audio and video content with adequate protection against
illegal duplication is needed.

Summary of the Invention 



The present invention resides, in part, in recognition of the described problem and,
in part, in providing a solution to this problem. A method is described for preventing
the use of unauthorized copies of digital content (e.g., movies, etc.). The content,
presented in MPEG-2 Transport Stream format, is scrambled using a common algorithm
before release. The scrambling keys and other data are included in the Entitlement
Control Messages (ECMs) that may be encrypted with the public key of a renewable
security device (for example, a removable smart card). The other data includes the
price and source (broadcast or pre-recorded) of the content (or program) and Copy
Control Information (CCI). Before recording a program, the recording device, connected
to the [...] detected, the recorder attaches a "copy-mark" or "data item" to each ECM
in the [...] has been copied [...] ECMs are encrypted once again. This process, called
ECM nesting, allows the renewable security device coupled to the display unit (e.g.,
Digital TV) to distinguish between legitimate and illegitimate copies.

An event or program as described herein comprises one of the following: (1)
audio/visual data such as a movie, weekly "television" show or [...] digital satellite
networks, providers of electronic list of events, such as electronic program guide
providers, and in certain cases internet service providers.

[...] the present invention may utilize public key technology. Typically, such a
system utilizes one public key (corresponding to a smart card) for all service
providers. Each smart card has [...] secret private key that can decrypt messages
encrypted by the public key. The service provider sends a conditional access (CA)
entitlement message (i.e., an Entitlement Control Message or ECM) in the bit stream
encrypted by the public key that may contain the name of the service provider, and the
name, time and cost of the program. This message is decrypted by the smart card and
the appropriate information is stored therein. In one embodiment, the smart card may
have a certain amount of credit for purchases that has been enabled by a bank or from
a service provider. As long as the limit is not exceeded, services can be purchased by
the user. At some appropriate preprogrammed time the smart [...] to the CA center.
Using a secure channel, the CA center in cooperation with a [...] appropriate service
[...]

[...] a method for managing access (i.e., viewing) to a copy of a restricted (or
scrambled) broadcast or transmitted program. In accordance with one aspect of the
present invention, a method for copying a program having a scrambled program content
component (for example, an audio/video program) and an encrypted control component
(e.g., ECM) is defined. The method comprises receiving the program in a recording
apparatus, and attaching a data item to the encrypted control component. The data item
is used to indicate that the program has been copied. Finally, the encrypted control
component and the data item together are encrypted to generate a nested control
component.

In accordance with another aspect of the present invention, a method for managing
access to a copy of a restricted program comprises receiving the restricted program in
a processing apparatus. The nested control component is decrypted to obtain the
encrypted control component and the data item. The encrypted control component is then
decrypted to obtain a descrambling key and copy control information. The data item and
the copy control information are compared to determine if the copy is authorized (or
valid) and, if authorized, the program content component is descrambled using the
descrambling key.

In accordance with yet another aspect of the present invention, the method for
managing access to the recorded copy of a restricted program employs a smart card
coupled to a video processing apparatus. Particularly, the method comprises
transferring a cash reserve and entitlements to the smart card, receiving the recorded
copy of the restricted program in the smart card, obtaining a descrambling key, copy
control information and purchase information, comparing the copy control information
and the data item to determine if said copy is authorized and verifying that the cost
of the restricted program is less than the stored cash reserve. The cost of the
restricted program is then deducted from the stored cash reserve, and the audio/video
component is descrambled using the descrambling key. It is within the scope of the
invention to substitute a "time model" for the "cost model", that is, the amount of
time that a program is authorized to be viewed may be controlled.

These and other aspects of the invention will be explained with reference to a
preferred embodiment of the invention shown in the accompanying Drawings.

Brief Description of the Drawing

Figure 1 is a block diagram illustrating a home network comprised of various digital
devices that may receive scrambled content from a plurality of sources;

Figure 2a is a diagram defining a typical entitlement control message (ECM);

Figure 2b is a diagram defining a nested ECM in accordance with one embodiment of the
present invention;

Figure 2c is a diagram defining an Extended ECM in accordance with another embodiment
of the present invention; and

Figure 3 is a block diagram illustrating a typical home network employing the present
invention.

Detailed Description of the Drawing

The present invention provides a conditional access system, which [...] scrambled (or
encrypted) programs. A conditional access system may be integrated into a renewable
security device, such as a smart card complying with the National Renewable Security
Standard (NRSS), EIA-679 Part A or Part B. The conditional access system, when
implemented within a digital television [...] legitimate copies [...]

A Certificate Authority (not shown) issues digital certificates and public and private
key pairs, which are used as explained below. It is within the scope of this invention
that the role of the certificate authority may be performed by the service providers
in collaboration with the manufacturers of the devices. A billing center may be
utilized to manage the user's accounts; updated information is provided as users make
arrangements to purchase additional services and as these services are consumed or
used.

[...] responsible for delivering: (1) the services, and (2) the entitlement messages
(entitlement control messages) that allow any user to buy those services. The
broadcast channel is used only to deliver the services and information for access to
these services. All the remaining transactions are carried out using a return channel
(i.e., a modem and a phone connection or a cable modem). The present conditional
access system may be based on E-cash card loading. A user pre-loads his/her card with
a certain amount of cash (from debit or credit accounts), and then uses the card to
buy services as described below.

If a return channel connection is not available to communicate with the CA server,
then loading cash to the card requires the user to either access a device with
back-channel support or go to a particular location (bank, ATM, vendor's regional
office) to have the card loaded. The CA operators act like the card holder's or user's
bank, while the billing center acts like the merchant's bank. The fixed amount of
"cash" loaded into the renewable security device, for example, a removable smart card
or conditional access module, can now be used to pay for services offered by a
broadcaster or for the viewing of a recorded program. Whichever cash transfer
mechanism is employed, the user requests a transfer of a specific amount of money to
the CA card from a credit or debit account.

Once money is loaded into the card, a user can buy any number of services offered by
broadcasters or, perhaps, the money may be used to purchase "viewing rights" for the
recorded program. Each purchase reduces the amount of available money in the card by
the service price. The services offered by broadcasters can be classified into two
categories: PPV events and packages. An event is a TV program with an allocated slot
in a program guide, and a package is simply a collection of events. Examples of
packages are (1) all the football games in a given season, (2) the late Sunday movies
on one or more ATSC virtual channels, (3) subscription to a particular virtual channel
such as HBO. All events usually have one or more of their audiovisual streams
scrambled using a common or shared symmetric key algorithm.

Upon purchase of an event or package, a record may be stored in the smart card which
may be later transferred to the CA vendor. Once the stored purchase information is
sent to the CA database, the CA vendor can pay broadcasters for the provided services.

The security of the system may be based on standard and widely accepted public key and
symmetric key algorithms. For example, suitable algorithms include RSA for public key
encryption and triple DES and/or single DES for symmetric key scrambling. In an
exemplary system utilizing these algorithms, there is a global RSA public/private key
pair, Kpub/Kpri, for the entire system. The public key is shared by all the
broadcasters, and the corresponding private key is placed in the tamper-proof
NRSS-based smart cards, distributed by the CA providers to the consumers. This public
key is used to protect the ECMs generated at the headend. It is within the scope of
this invention that a scrambling algorithm may be a cipher other than DES.

Symmetric key cryptography involves the use of the same key for both encryption and
decryption. The foundation of public-key cryptography is the use of related keys, one
public and one private. The private key is a secret key, and it is computationally
unfeasible to deduce the private key from the public key, which is publicly available.
Anyone with a public key can encrypt a message, but only the person or device having
the associated and predetermined private key can decrypt it.

A digital home network 10, as depicted in Figure 1, is a cluster of digital
audio/visual (A/V) devices including set-top-boxes 12, TVs 14, VCRs 16, DVD players 18
and general-purpose computing devices (not shown) such as personal computers. Several
digital interfaces will be available for device interconnection within home networks.
For example, EIA-775 DTV 1394 Interface Specification defines a specification for a
baseband digital interface to a DTV which is based on the IEEE 1394 Standard for High
Performance Serial Bus. The IEEE 1394 serial bus allows digital devices such as
televisions, VCRs, DVD players and set-top-boxes to communicate with each other. It
provides two types of transport: asynchronous transport for "guaranteed delivery", and
the optional isochronous transport for "guaranteed timing." (Isochronous channels are
required for multimedia applications.) EIA-761 DTV Remodulator Specification with
Enhanced OSD Capability and EIA-762 DTV Remodulator Specification [...] specifications
for a one-way data path utilizing an 8 VSB and a 16 VSB remodulator, respectively, in
compliance with ATSC Standard A/53 Annex D.

The present invention defines a new paradigm for copy protection [...] digital content
[...] copyrighted content is delivered to the home network 10 from a number of
sources. It may be transmitted via satellite 20, terrestrial 22 or cable 24 systems or
recorded on a digital tape 26 or a DVD 28. Transmitted or recorded on media, the
content can be identified as "never-copy", "copy-once" and "free-copy". These three
states are represented using the Copy Generation Management System (CGMS) bits. (The
CGMS bits are a part of the CCI.) All the A/V devices in the cluster should obey
"playback control", "record control" and "one-generation control" rules as summarized
below.

    Content type        Playback control    Record control
    "never-copy"        Play.               Do not record.
    "copy-once"         Play.               Record and change content type to
                                            "no-more-copies" in the new copy.
    "no-more-copies"    Play.               Do not record.
    "free-copy"         Play.               Record.


A copy protection system must protect the transmission of the 
audio/video content from one A/V device to another, and must protect the storage
of the audio/video content. The present invention defines solutions to both of 
these problems by "keeping content scrambled until it is displayed". It allows 
recording of scrambled content, but prohibits viewing if the content is not 
legitimate (i.e., not an original or a one-generation copy). This is in contrast with 
the recording rules as defined in the above table. 

Particularly, Figure 1 illustrates a typical home network comprised of 
various digital audio/video devices capable of receiving digital content (e.g., a 
movie) where the present invention may be employed. The digital content is 
encoded with MPEG-2 Transport Stream (TS) format and broadcast together with
the Entitlement Control Messages (ECMs). An ECM (see Figure 2a) is a 
cryptogram of the control word (i.e., descrambling key) and the access conditions. 

The STB or DTV receives the scrambled A/V stream from a source (broadcast head-end or
player) and transmits it directly to a smart card. The smart card (SC) 30 is inserted
into, or coupled to, a smart card reader (not shown); an internal bus interconnects
the STB or DTV and the smart card, thereby permitting the transfer of data
therebetween. Such smart cards include, for example, ISO 7816 cards complying with
National Renewable Security Standard (NRSS) Part A or PCMCIA cards complying with NRSS
Part B. As stated above, this inventive concept is not limited to smart cards per se,
but can be employed with any renewable security device. Conceptually, when a smart
card is coupled to a smart card reader, the functionality of the smart card may be
considered to [...]

[...] display message (OSD) prompts the consumer to initiate a purchase offer before
the movie starts.) A subscription entitlement is stored in the card, but an event
entitlement is transmitted with the event and used to [...]

[...] methods for differentiating copies from an original and then verifying if the
copy is legitimate prior to enabling the user to view the copy are defined below. In
either method, when the scrambled program is to be recorded, the first thing the
recording device (e.g., a DVCR or a DVD recorder) does is to verify whether the
program is scrambled. [...] (PID) in the packet header. One alternative would be to
check the Transport Scrambling Control (TSC) bits in the transport packet header.
Another method would be to ascertain whether the program is scrambled as described
below. The [...] "start codes" [...] indicate synchronizing points in the bit stream.
For example, there are "picture [...] MPEG [...] bit stream. These frames can occur at
60, 60, 30, or 24 frames per second (fps). [...] the rate of picture start codes per
second is close to one of the possible rates, then it is reasonable to assume that the
bit stream is not encrypted.
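
An added example (not part of the patent text) of the two recorder-side checks described above: reading the Transport Scrambling Control bits from each transport packet header and estimating the picture start code rate of the video payload. The sample packets, PID 0x100 and the 5% tolerance are constructed assumptions, and the rate list uses the standard MPEG-2 frame rates, which goes beyond the rates listed in the text.

```python
import hashlib

TS_PACKET_LEN = 188
SYNC_BYTE = 0x47
PICTURE_START_CODE = b"\x00\x00\x01\x00"
# Standard MPEG-2 video frame rates (assumption: broader than the list in the text).
FRAME_RATES = (24000 / 1001, 24, 25, 30000 / 1001, 30, 50, 60000 / 1001, 60)


def parse_ts_packet(pkt: bytes) -> dict:
    """Extract PID, transport_scrambling_control and payload from one 188-byte packet."""
    if len(pkt) != TS_PACKET_LEN or pkt[0] != SYNC_BYTE:
        raise ValueError("not an MPEG-2 transport packet")
    pid = ((pkt[1] & 0x1F) << 8) | pkt[2]
    tsc = pkt[3] >> 6                  # 2 bits: 00 = clear, any other value = scrambled
    afc = (pkt[3] >> 4) & 0x3          # adaptation_field_control
    offset = 4
    if afc & 0x2:                      # an adaptation field precedes the payload
        offset += 1 + pkt[4]
    payload = pkt[offset:] if afc & 0x1 else b""
    return {"pid": pid, "tsc": tsc, "payload": payload}


def looks_scrambled(stream: bytes, video_pid: int, seconds: float, tol: float = 0.05) -> dict:
    """Combine both checks: TSC bits set, or no plausible picture start code rate."""
    flagged = 0
    es = bytearray()
    for i in range(0, len(stream) - TS_PACKET_LEN + 1, TS_PACKET_LEN):
        p = parse_ts_packet(stream[i:i + TS_PACKET_LEN])
        if p["pid"] != video_pid:
            continue
        if p["tsc"]:
            flagged += 1
        es += p["payload"]
    rate = es.count(PICTURE_START_CODE) / seconds
    rate_ok = any(abs(rate - r) <= tol * r for r in FRAME_RATES)
    return {"tsc_flagged": flagged, "picture_rate": rate,
            "scrambled": flagged > 0 or not rate_ok}


# --- constructed sample data (not captured from a real broadcast) ---
def make_packet(pid: int, tsc: int, payload: bytes) -> bytes:
    """Payload-only packet; the payload is padded with 0xFF to 184 bytes."""
    header = bytes([SYNC_BYTE, (pid >> 8) & 0x1F, pid & 0xFF, (tsc << 6) | 0x10])
    return header + payload[:184].ljust(184, b"\xff")


def noise(n: int, seed: bytes) -> bytes:
    """Deterministic pseudo-random bytes standing in for scrambled payload."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + bytes([ctr])).digest()
        ctr += 1
    return out[:n]


VIDEO_PID = 0x100
# One second of clear video at 30 pictures per second.
CLEAR_STREAM = b"".join(make_packet(VIDEO_PID, 0, PICTURE_START_CODE) for _ in range(30))
# Scrambled payload with the TSC bits set, as a compliant head-end would send it.
FLAGGED_STREAM = b"".join(make_packet(VIDEO_PID, 2, noise(184, bytes([i]))) for i in range(30))
# Same scrambled payload, but with the TSC bits cleared in the header.
STRIPPED_STREAM = b"".join(make_packet(VIDEO_PID, 0, noise(184, bytes([i]))) for i in range(30))

if __name__ == "__main__":
    for name, s in (("clear", CLEAR_STREAM), ("flagged", FLAGGED_STREAM),
                    ("stripped", STRIPPED_STREAM)):
        print(name, looks_scrambled(s, VIDEO_PID, 1.0))
```

The third sample shows why the start code rate is a useful second check: the header bits alone report the stream as clear, while the payload carries no picture start codes at any plausible rate.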

[...] invention, if the content is scrambled, the recorder encrypts the ECMs using the
global public key. Before [...] 2b) to each ECM as an indication of copying. In
general, every time a scrambled movie is copied, its ECMs are encrypted once again, a
process that may be referred to as "nesting". This allows the smart card to determine
how many times the original movie has been copied. The following example (wherein GPK
is the Global public key, E is the Encryption process, CW is the Control Word (the key
for descrambling) and ECM contains CW, CCI, source of the content and other data)
detects an illegitimate copy and prevents the display thereof.

[...] movie has the form: E_GPK(CW, never-copy). If a recorder receives this ECM, it
will transform it to: E_GPK[E_GPK(CW, never-copy), copy-mark]. The movie with this
nested ECM will be the output of the recording process. When a user attempts to view
it, the smart card will detect that it is a copy of a "never-copy" content and will
not allow display. If the movie is a "copy-once" content, the ECM will be in the form:
E_GPK[E_GPK(CW, copy-once), copy-mark] in the copy. This is an indication of a
legitimate copy and the smart card will allow viewing. However, if a copy of a copy is
created, the ECM will have two layers of nesting, for example,
E_GPK{E_GPK[E_GPK(CW, copy-once), copy-mark], copy-mark}, and the copy will be
detected to be illegitimate.
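
An added example (not from the patent) of the nesting rule above, with the head-end, the recorder and the smart card as three functions. E_GPK is simulated with textbook RSA over a toy modulus wrapping a hash-derived keystream and MAC, and the JSON layout of the ECM, the function names and the sample control word are assumptions.

```python
import hashlib
import hmac
import json
import secrets

# Toy global key pair (assumption): two Mersenne primes give a 234-bit RSA modulus so
# the example needs only the standard library. Far too small for real use.
_P, _Q = 2**127 - 1, 2**107 - 1
GPK_N, GPK_E = _P * _Q, 65537                    # global public key, known to every device
_CARD_D = pow(GPK_E, -1, (_P - 1) * (_Q - 1))    # private exponent, held only by the card


def _xor_stream(data: bytes, seed: bytes) -> bytes:
    """XOR data with a SHA-256 counter-mode keystream derived from seed."""
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def e_gpk(plaintext: bytes) -> bytes:
    """Stand-in for E_GPK: RSA-wrap a random secret, then encrypt and MAC the payload."""
    k = secrets.randbelow(GPK_N - 2) + 2
    seed = k.to_bytes(32, "big")
    wrapped = pow(k, GPK_E, GPK_N).to_bytes(32, "big")
    body = _xor_stream(plaintext, seed + b"enc")
    tag = hmac.new(seed + b"mac", wrapped + body, hashlib.sha256).digest()
    return wrapped + tag + body


def d_gpk(blob: bytes) -> bytes:
    """Card-side decryption; raises ValueError if the layer was altered."""
    wrapped, tag, body = blob[:32], blob[32:64], blob[64:]
    seed = pow(int.from_bytes(wrapped, "big"), _CARD_D, GPK_N).to_bytes(32, "big")
    good = hmac.new(seed + b"mac", wrapped + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("ECM integrity check failed")
    return _xor_stream(body, seed + b"enc")


def make_ecm(cw: bytes, cci: str) -> bytes:
    """Head-end: E_GPK(CW, CCI)."""
    return e_gpk(json.dumps({"cw": cw.hex(), "cci": cci}).encode())


def record(ecm: bytes) -> bytes:
    """Recorder: E_GPK[ECM, copy-mark]. Uses only the public key."""
    return e_gpk(json.dumps({"ecm": ecm.hex(), "mark": "copy-mark"}).encode())


# Copy-marks tolerated per CCI state, following the two cases in the text.
MAX_COPIES = {"never-copy": 0, "copy-once": 1}


def card_release_cw(ecm: bytes):
    """Smart card: peel the nesting, count copy-marks, release CW only if legitimate."""
    try:
        msg, marks = json.loads(d_gpk(ecm)), 0
        while "ecm" in msg:
            marks += 1
            if msg.get("mark") != "copy-mark" or marks > max(MAX_COPIES.values()):
                return None                      # malformed layer or too many generations
            msg = json.loads(d_gpk(bytes.fromhex(msg["ecm"])))
        allowed = MAX_COPIES.get(msg["cci"])     # unknown CCI state: refuse (assumption)
        if allowed is None or marks > allowed:
            return None
        return bytes.fromhex(msg["cw"])
    except (ValueError, KeyError, TypeError, AttributeError):
        return None                              # tampered or unparsable ECM


SAMPLE_CW = bytes.fromhex("0123456789abcdef")    # constructed 64-bit control word

if __name__ == "__main__":
    once = make_ecm(SAMPLE_CW, "copy-once")
    print("original  :", card_release_cw(once))
    print("first copy:", card_release_cw(record(once)))
    print("copy of copy:", card_release_cw(record(record(once))))
```

Because the recorder holds only the public key, it can add a layer and a copy-mark but cannot strip one; removing a layer requires the private key in the card.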

One way to increase the security of the copy protection system is to 
use a local public key for recording purposes. This requires a smart card with a 
unique public/private key pair. For copying a movie, the smart card is coupled to 
the VCR and provides the public key. The public key is then used to encrypt the 
ECMs to create a copy that can be played only with the corresponding unique 
private key. 

Another option to increase the security of the system is to attach a 
unique recorder ID together with the copy-mark during the ECM nesting process. 
This additional information creates a binding between the copy and the recorder. 
Further, both the recorder and the smart card would have the same recorder ID. 
Therefore, viewing of the copy would only be possible with the smart card having 
the recorder ID. 

Every copyrighted (and encrypted) digital content shall be available 
to be copied on any recorder. The created copy, if legitimate, can then be viewed 
according to the rules of an established payment system. If, for example, a DTV 
receives a scrambled program without a nested ECM, then the DTV would treat 
the program as if it was an original scrambled program and not a copy. That is, 
the DTV would allow the program to be viewed. However, if the user wished to 
make a copy of the "original program", then the ECM and a data item would 
together be encrypted in accordance with the present invention. 

In an alternate embodiment of the present invention, the ECMs are extended to contain
the CGMS bits and access rights as well as control words. Every time copyrighted
content (e.g., a movie) is recorded, the extended ECMs (XECMs) are modified through a
one-way, irreversible transformation (for example, hashing) to distinguish copies from
the original. A function f from a set X to a set Y is called a one-way function if
f(x) is easy to compute for all x ∈ X but for essentially all y ∈ Im(f), it is
computationally infeasible to find any x ∈ X such that f(x) = y.

[...] card receives the XECMs [...] processes them depending on the type of the system
[...] be accommodated within this architecture [...] (CA) systems and Copy Protection
(CP) systems [...] Before [...] XECMs are modified and responds according to the
pre-defined rules of the CA system.

The processing of XECMs will be explained [...] example and referring to Figures 2c
and 3. Assume [...] XECM syntax is defined to be XECM = E_K(CW [...] for i > 0 and E
is the encryption [...] is the control word, D/T is the date and [...] a random
number, and f is a one-way function.

(a) Content type is "never-copy":
Recorder input: E_K[CW, D/T [...]
When the user attempts [...] they are not equal, display will not be allowed.

(b) Content type is "copy-once":
[...] legitimate since f(f(x_0)) [...] will be [...] copied by a pirated [...]
modified, it [...] used to assign [...] Prerecorded media and authorized copies made
from them.

A very important feature of the "XECM modification" scheme is that it gives the
content distributors (broadcasters and publishers) complete freedom in choosing their
encryption algorithm for creating the XECMs. Hence, although the copy protection
system is constructed as an extension of the CA systems, it is "decoupled". The only
requirement is to use the common structure for the XECM.

As described below, the XECM originating at the content source has two sections:
Private and Mandatory. The Private section contains fields that are privately defined
by the operators of CA and CP systems. The Mandatory section contains three fields
that must be included in all XECMs.

The fields in the Private section of the XECM include: XECM_id (unique identifier for
the Extended Entitlement Control Message), XECM_length (an 8-bit field specifying the
number of bytes in the XECM), format_identifier (a 32-bit field that identifies the
registration authority that assigns values to the provider_index field),
provider_index (a 16-bit field that identifies the content provider),
program_event_id (a 24-bit field that identifies a particular TV program or event),
transport_stream_id (a 16-bit field that identifies the Transport Stream where the
event is being carried), source_id (a 16-bit field that identifies uniquely the
particular service where the event is being transmitted), event_id (a 14-bit field
that identifies uniquely a particular event within a given service of this Transport
Stream), start_time (a 32-bit field indicating the event start time),
length_in_seconds (a 20-bit field indicating the length of the event), title_segment
(the first 10 characters of the English title for the event that this message
describes), event_price (a BCD field which indicates the cost of the event),
scrambling_key (a 64-bit key necessary for de-scrambling the video and audio signals
for the event under consideration), descriptors_length (the total length of the
descriptor list that follows the descriptors). The Mandatory section of the XECM
includes: CCI — Copy Control Information (CGMS bits, APS trigger bits and Digital
Source bit), copy_indicator_initial_value (a random bit sequence) and copy_indicator
(a bit sequence equal to copy_indicator_initial_value).

DTV 14 is the final destination of the digital content 40 for viewing. It receives the
scrambled A/V stream from a source (broadcast/cable head-end, satellite, cable STB,
DBS STB or playback device) and transmits it directly to the smart card 30. Smart card
30 checks if the content is legitimate. For example, if it receives a broadcast PPV
movie, an OSD prompts the consumer to initiate a purchase offer before the movie
starts. If the movie is purchased, a record is stored in the card. The card then
recovers the scrambling keys and descrambles the stream. The information about the
event [...] contained in the XECMs is used to generate [...] outputs the same stream
it receives [...]

If a movie is to be recorded, the DVCR [...] XECMs. In addition, the Transport
Scrambling Control [...] transport packet header can be checked [...] the content is
not scrambled [...] Every time a scrambled movie is copied, its XECMs [...] allows the
smart card to determine how [...] option [...] the XECM [...] card inserted to the
recorder. In this case, the [...] to have a smart card reader.

[...] numerous [...] understanding of the [...] embodiment [...] such alterations
within the scope [...]

Claims

1. A method for copying a program having a scrambled program content
component and an encrypted control component comprising:

(a) receiving, in a recording apparatus, said program;

(b) attaching a data item to said encrypted control component, said
data item indicating that said program has been copied;

(c) encrypting said encrypted control component and said data item to
generate a nested control component; and

(d) recording said program content component and said nested control
component.

2. The method of Claim 1 wherein the steps of receiving, attaching and 
encrypting are performed in a smart card coupled to said recording 
apparatus. 

3. The method of Claim 2 wherein said encrypted control component 
comprises copy control information, a descrambling key associated with 
said scrambled program content component. 

4. The method of Claim 3 wherein said copy control information indicates one 
of never-copy state and copy-once state. 

5. The method of Claim 4 wherein said encrypted control component is 
encrypted using a global public key. 

6. The method of Claim 5 wherein said nested control component is
encrypted using said global public key.

7. The method of Claim 6 wherein said global public key is [...] card, said smart
card having a corresponding private [...]

8. The method of Claim 7 wherein said encrypted control component further
comprises purchase information comprising channel identification data,
event identity data, date and time stamp data, and billing data.

9. The method of Claim 8 wherein said smart card comprises a card body
with a plurality of terminals arranged on a surface of said card body in
accordance with one of ISO 7816 and PCMCIA card standards.

10. The method of Claim 9 wherein said [...] cassette recorder.

11. The method of Claim 10 wherein said recording apparatus is a recordable
DVD apparatus.



12. A method for managing access to a copy of a restricted program, said
method comprising:

(a) receiving said restricted program in a processing apparatus, said
restricted program having a scrambled program content component
and a nested control component, said nested control component
being encrypted;

(b) decrypting said nested control component to obtain an encrypted
control component and a data item, said data item indicating that
said restricted program has been copied;

(c) decrypting said encrypted control component to obtain a
descrambling key and copy control information;

(d) comparing said copy control information and said data item to
determine if said copy is valid; and

(e) descrambling said program content component, using said
descrambling key in response to a determination that said copy is
valid.



13. The method of Claim 12 wherein said encrypted control component and
said nested control component are encrypted using a global public key.

14. The method of Claim 13 wherein the steps of receiving, decrypting,
comparing and descrambling are performed in a smart card coupled to
said processing apparatus, said steps of decrypting employ a private key
stored in said smart card and associated with said global public key.

15. The method of Claim 14 wherein said encrypted control component further
comprises purchase information comprising channel identification data,
event identity data, date and time stamp data, and billing data.

16. The method of Claim 15 wherein said purchase information comprises the
cost of said program, said method further comprising:

(a) deducting the cost of said program from a cash reserve stored in
said smart card to determine a calculated cash reserve;

(b) descrambling, in said smart card, said scrambled program content
component using said descrambling key in response to having a
positive calculated cash reserve; and

(c) passing said descrambled transmitted event to said video
processing apparatus.

17. The method of Claim 16 wherein said cash reserve is downloaded in an
e-cash certificate message from an automatic teller machine.

18. The method of Claim 17 wherein said processing apparatus is one of a
digital video cassette recorder/player and a DVD recorder/player.

19. The method of Claim 18 wherein said smart card comprises a card body
with a plurality of terminals arranged on a surface of said card body in accordance
with one of ISO 7816 and PCMCIA card standards.

20. A method for managing access to a recorded copy of a restricted program
using a smart card coupled to a video processing apparatus comprises:

(a) transferring, from a bank, a cash reserve to said smart card;

(b) receiving, in said smart card, said recorded copy of said restricted
program from said video processing apparatus, said restricted
program having a scrambled audio/video component and a nested
control component, said nested control component being encrypted;

(c) decrypting said nested control component to obtain an encrypted
control component and a data item, said data item indicating that
said restricted program has been copied;

(d) decrypting said encrypted control component to obtain a
descrambling key, copy control information and purchase
information;

(e) comparing said copy control information and said data item to
determine if said copy is valid;

(f) verifying that the cost of said restricted program is less than the
stored cash reserve and deducting the cost of said restricted
program from said stored cash reserve;

(g) descrambling said audio/video component, using said descrambling
key.